77044ab17aad1e42a80cdb099e8918ef1baaf414d3bb27232c9771193153775f

Sharing

Copy URL

Twitter E-mail

General

Target

77044ab17aad1e42a80cdb099e8918ef1baaf414d3bb27232c9771193153775f
Size

364KB
MD5

3c628b0f9192fc3fb469c1dfd465d860
SHA1

b4893da7b66f2c40186ed087b04545c92e8ba0ea
SHA256

77044ab17aad1e42a80cdb099e8918ef1baaf414d3bb27232c9771193153775f
SHA512

ef7bacced1b22ae2507c580250a51d8b314885cf1b1ec491a4b4d6684042df016975617bb7584dc4cfd4706234971c284f9e04a3f5e3ab6a1f0cf6d174a0e292
SSDEEP

3072:yuiQpfVC20RvT1dihEUr1m5f6oQ0OJblopdynsp1krZd3ByiPjfDH5bmfpLhhhtD:xplg5RBYjkf6QpL65qhtTEg2FQTyF+

Score

N/A

Malware Config

Signatures

Files

77044ab17aad1e42a80cdb099e8918ef1baaf414d3bb27232c9771193153775f
.exe windows x86

9823fbd55b8e0a43f81576a35b6eb94d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

shlwapi

PathFindExtensionA

kernel32

HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
HeapReAlloc
GetStartupInfoA
ExitProcess
HeapSize
TerminateProcess
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStringTypeA
GetStringTypeW
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
IsBadReadPtr
SetStdHandle
GetModuleFileNameA
LocalFree
LocalAlloc
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
RaiseException
InitializeCriticalSection
DeleteCriticalSection
SizeofResource
LockResource
LoadResource
FindResourceA
GetLastError
InterlockedDecrement
lstrlenA
CloseHandle
GetCurrentProcess
GetCurrentThread
InterlockedIncrement
lstrcpyA
FlushFileBuffers
SetFilePointer
GetOEMCP
GetCPInfo
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpW
GlobalFlags
lstrcmpA
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
lstrcatA
GetModuleHandleA
FreeLibrary
LoadLibraryExA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
Sleep
GetTickCount
SetLastError
GlobalLock
GlobalUnlock
FormatMessageA
OutputDebugStringA
GetProcAddress
CreateProcessA
GlobalAlloc
GlobalFree
CreateFileA
WriteFile
GetVersion
OpenProcess
VirtualAllocEx
WriteProcessMemory
VirtualFreeEx
CreateRemoteThread
WaitForSingleObject
CreateToolhelp32Snapshot
Process32First
Process32Next
GetCommandLineA
LoadLibraryA
GetCurrentThreadId
GetTempPathA
IsBadCodePtr

user32

PostQuitMessage
DestroyMenu
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
DestroyWindow
GetMessageTime
GetMessagePos
LoadIconA
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
PostMessageA
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
IsIconic
GetWindowPlacement
CopyRect
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowPos
SetWindowLongA
GetDlgItem
SetWindowsHookExA
CallNextHookEx
DispatchMessageA
GetKeyState
PeekMessageA
ValidateRect
ClientToScreen
GetDlgCtrlID
GetWindowRect
PtInRect
GetFocus
SetWindowTextA
GetWindowTextA
SendMessageA
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
UnhookWindowsHookEx
LoadCursorA
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetProcessWindowStation
GetThreadDesktop
OpenWindowStationA
SetProcessWindowStation
OpenDesktopA
SetThreadDesktop
CloseWindowStation
CloseDesktop
UnregisterClassA
FindWindowExA
GetTopWindow
GetWindowThreadProcessId
GetClassNameA
GetWindow
IsWindowVisible
PostThreadMessageA
LoadStringA
MessageBoxA
CharNextA

gdi32

ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
SetMapMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetDeviceCaps
DeleteObject

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

SetSecurityDescriptorGroup
OpenServiceA
OpenSCManagerA
LookupPrivilegeValueA
DuplicateTokenEx
SetTokenInformation
AdjustTokenPrivileges
CreateProcessAsUserA
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
RegEnumKeyExA
RegCreateKeyExA
RegQueryInfoKeyA
OpenThreadToken
OpenProcessToken
GetTokenInformation
CloseServiceHandle
SetSecurityDescriptorOwner
InitializeSecurityDescriptor
IsValidSid
GetLengthSid
CopySid
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
SetServiceStatus
RegisterEventSourceA
ReportEventA
DeregisterEventSource
ControlService
DeleteService
CreateServiceA
StartServiceA

comctl32

ord17

ole32

CoTaskMemAlloc
CoTaskMemFree
CoInitialize
CoTaskMemRealloc
CoRegisterClassObject
CoInitializeSecurity
CoCreateInstance
StringFromGUID2
CoUninitialize

oleaut32

VariantChangeType
VariantClear
SysFreeString
SysAllocString
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
VarUI4FromStr
VariantInit

wtsapi32

WTSQueryUserToken

userenv

CreateEnvironmentBlock

Sections

.text
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 240KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9823fbd55b8e0a43f81576a35b6eb94d

Headers

File Characteristics

Imports

version

shlwapi

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

ole32

oleaut32

wtsapi32

userenv

Sections

.text Size: 88KB - Virtual size: 86KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 8KB - Virtual size: 20KB

.rsrc Size: 240KB - Virtual size: 240KB

.text
Size: 88KB - Virtual size: 86KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 8KB - Virtual size: 20KB

.rsrc
Size: 240KB - Virtual size: 240KB